I was watching Squawk on the Street on CNBC this morning (I know...) anyway they had this guy on from a company called Wave Systems. He was talking about their single sign-on technology for computers.

Single sign-on (SSO) is a property of access control of multiple, related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them. Single sign-off is the reverse property whereby a single action of signing out terminates access to multiple software systems.

I swear he said that the government was interested in it in some way. I can't find the video anywhere but I was thinking why would the government be pushing this technology? Shouldn't that be coming from the private sector like Apple or Microsoft?

My gut feeling on this is that if the government made the device mandatory the when they came and took your computer (under the Patriot Act) then they would have full access to all your blog enteries, web destinations, etc. I'm sure they can do that anyway but it struck me as eerie. Anyone else know anything about this? Here is all I have:

SSO (Single Sign-On) has been the "Holy Grail" in IT for many, many years. Many of the implementations are based on the Kerberos protocol which has been around for over 20 years. I have worked on Kerberos installations over much of it's existance. It will generally work well on homogenous highly reliable networked platforms (all Windows, all Unix, etc), but in a heterogenous or unreliable network installations I have yet to see it work perfectly. There are too many different vendors, custom developed code, etc. While not impossible, it is fairly complex compare to a simple password authentication system (which many vendors/programmers can't even implement correctly).

Microsoft, being a very large player, made Kerberos part of their Active Directory system. However, being Microsoft, they extended and tweaked the implementation so that it would only work with Microsoft products (as they do with nearly everything - there are standards, then there are Microsoft standards ). Now to maintain their advantage, they use the DMCA to pummel anyone who dares try to integrate other systems with theirs. This is not very conducive for wide spread SSO.

The point to all this is I wouldn't worry too much about a SSO implementation from the government anytime soon. Companies have been trying to make this stuff work for a very long time and have lots of problems, do you really think government involvement would help this situation? One of the main problems with SSO is that it requires highly reliable networks, synchronized clocks and tight integration with products from multiple vendors - and that's just not a reality today.

For technology related issues, I highly recommend checking out the "Electronic Frontier Foundation" (EFF). They cover lots of issues related to privacy, free speech, etc. Most people have no idea how many of their rights are being taken away by legislation in the technology area. It's the reason I minimize use of any Apple or Microsoft products - I consider them just as evil as Monsanto at trying to take away your liberty.

SSO or single sign-on has already been implemented, it is widely used especially for the US Army. It is very convenient as I do not have to keep signing in to each portal. So it is implemented in the government.

SSO or single sign-on has already been implemented, it is widely used especially for the US Army. It is very convenient as I do not have to keep signing in to each portal. So it is implemented in the government.

Yes, I too have SSO for the organization that I work for so that I have the same sign on for all software products for that installation. I think the point of this though is that SSO that the gov would want would be for all sites and software that you might use. I suspect that is a long way off, if ever.